[geeks] IPFilter experts?

Jonathan C. Patschke jp at celestrion.net
Tue Nov 12 02:42:19 CST 2002


On Tue, 12 Nov 2002, Greg A. Woods wrote:

> Well, that's kinda what I mean.  You also have to have a good solid
> understanding of how the various protocols interact, and so on too.

Is there something that's less wordy than Dr. Stevens' TCP/IP
Illustrated that I might recommend to some of the luser admins I keep
bumping into?  Something that manages to be short yet still give a
useful whirlwind tour of the OSI model and how the IP suite works?  This
won't help the "Well, it said the host couldn't be found, so I turned
the Ethernet cable around, in case it was that again" types, but it just
might save me going grey well before my years at having to manually
insert clue.

Hell, if there isn't any such beast, and I have a couple days with
nothing to do anytime soon (ha!), I might just write such a thing.

> For example there are far too many firewall admins out there who think
> all ICMP is plain old evil and don't seem to realize that for the most
> part it's absolutely a critical component of TCP.

And too many of them run ISPs in Central Texas!!  Getting an ICMP packet
through a network over here seems about as likely as getting a bright
red nuke through Customs!

> Yes, too often that's the case.  Some nimrod power-hungry security
> officer makes up a bunch of completely bogus rules after reading a
> pamphlet or seeing some half-hour show about firewalls on TechTV or
> what-have-you and the result ties everyone's hands for weeks.

You left out "or reading any periodical published by Ziff-Davis or
CNet". :)

-- 
Jonathan Patschke
  "Albert Einstein nailed space-time, but the wild thing had him stumped.
   Al, baby, two and two make five-and-a-quarter; that's why people fall
   in love." -- Thomas Dolby, "That's Why People Fall in Love"
